diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-16 03:48:56 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-16 03:48:56 +0000 |
| commit | 33f1187220404bca6597de5368048316ece5139a (patch) | |
| tree | 35312d8fcfa501526257fa17a62533cbf390ba51 /core/helpers | |
| parent | 7679811a3143b5e05f78abb0e8ac816c87a36c3a (diff) | |
Don't allow the various ::create() methods to take "/" in the name.
Diffstat (limited to 'core/helpers')
| -rw-r--r-- | core/helpers/album.php | 9 | ||||
| -rw-r--r-- | core/helpers/photo.php | 7 |
2 files changed, 13 insertions, 3 deletions
diff --git a/core/helpers/album.php b/core/helpers/album.php index fc6368f8..7c667751 100644 --- a/core/helpers/album.php +++ b/core/helpers/album.php @@ -37,6 +37,10 @@ class album_Core { throw new Exception("@todo INVALID_PARENT"); } + if (strpos($name, "/")) { + throw new Exception("@todo NAME_CANNOT_CONTAIN_SLASH"); + } + $album = ORM::factory("item"); $album->type = "album"; $album->title = $title; @@ -68,7 +72,8 @@ class album_Core { static function get_add_form($parent) { $form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gAddAlbumForm")); - $group = $form->group("add_album")->label(t("Add an album to %album_title", array("album_title" => $parent->title))); + $group = $form->group("add_album") + ->label(t("Add an album to %album_title", array("album_title" => $parent->title))); $group->input("title")->label(t("Title")); $group->textarea("description")->label(t("Description")); $group->input("name")->label(t("Directory Name")); @@ -86,7 +91,7 @@ class album_Core { $group->input("title")->label(t("Title"))->value($parent->title); $group->textarea("description")->label(t("Description"))->value($parent->description); if ($parent->id != 1) { - $group->input("name")->label(t("Directory Name"))->value($parent->name); + $group->dirname->label(t("Directory Name"))->value($parent->name); } $sort_order = $group->group("sort_order", array("id" => "gAlbumSortOrder")) diff --git a/core/helpers/photo.php b/core/helpers/photo.php index ff4936b4..6467e797 100644 --- a/core/helpers/photo.php +++ b/core/helpers/photo.php @@ -43,6 +43,10 @@ class photo_Core { throw new Exception("@todo MISSING_IMAGE_FILE"); } + if (strpos($name, "/")) { + throw new Exception("@todo NAME_CANNOT_CONTAIN_SLASH"); + } + $image_info = getimagesize($filename); // Force an extension onto the name @@ -124,7 +128,8 @@ class photo_Core { $group = $form->group("edit_photo")->label(t("Edit Photo")); $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); - $group->input("name")->label(t("Filename"))->value($photo->name); + $group->input("filename")->label(t("Filename"))->value($photo->name) + ->error_messages("conflict", t("There is already a file with this name")); $group->submit("")->value(t("Modify")); $form->add_rules_from(ORM::factory("item")); return $form; |